I've also gathered this is WeChat related and we're on MX 14.38. Additionally, we've tested MX 15.1 and still see the issue. From what I gather, this issue sits in one of two places - either the SNORT rule is out of date and needs to be updated with false positive info (which support is apparently useless for - they'll just suggest "whitelist") or the SNORT implementation from Meraki needs some tweaking. Would be great to see this fixed... ... View more

Hey Adam, thanks for the reply --   Its the IP for our load balancer and will direct traffic to one of two mail servers so you're correct. I'd run packet captures but I'm not 100% sure what I would be looking for. ... View more